[policycoreutils] Update to upstream * Use correct color range in mcstrand by Richard Haines.
Daniel J Walsh
dwalsh at fedoraproject.org
Wed Apr 13 20:52:49 UTC 2011
commit 9f65a268643b8a74edc3634076c29d61a3864132
Author: Dan Walsh <dwalsh at redhat.com>
Date: Wed Apr 13 16:52:53 2011 -0400
Update to upstream
* Use correct color range in mcstrand by Richard Haines.
.gitignore | 1 +
policycoreutils-rhat.patch | 67 ++++++++++++++++++++++++++++++++++++++-----
policycoreutils.spec | 18 +++++++++--
sources | 2 +-
4 files changed, 75 insertions(+), 13 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 6f6bed7..1eb6044 100644
--- a/.gitignore
+++ b/.gitignore
@@ -223,3 +223,4 @@ sepolgen-1.0.23.tgz
policycoreutils-2.0.83.tgz
/policycoreutils-2.0.84.tgz
/policycoreutils-2.0.85.tgz
+/policycoreutils-2.0.86.tgz
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index e49a441..357171f 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -3194,10 +3194,10 @@ index 3f9efba..7c6d75a 100644
+/etc/selinux/{SELINUXTYPE}/seusers
diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles
-index ae519fc..0890811 100755
+index ae519fc..7d21ea3 100755
--- a/policycoreutils/scripts/fixfiles
+++ b/policycoreutils/scripts/fixfiles
-@@ -21,6 +21,25 @@
+@@ -21,6 +21,44 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
@@ -3210,12 +3210,31 @@ index ae519fc..0890811 100755
+ grep --silent "$i ".*seclabel /proc/self/mounts && echo $i
+done
+}
-+
++exclude_dirs_from_relabelling() {
++ exclude_from_relabelling=
++ if [ -e /etc/selinux/fixfiles_exclude_dirs ]
++ then
++ while read i
++ do
++ # skip blank line and comment
++ # skip not absolute path
++ # skip not directory
++ [ -z "${i}" ] && continue
++ [[ "${i}" =~ "^[[:blank:]]*#" ]] && continue
++ [[ ! "${i}" =~ ^/.* ]] && continue
++ [[ ! -d "${i}" ]] && continue
++ exclude_from_relabelling="$exclude_from_relabelling -e $i"
++ logit "skipping the directory $i from relabelling"
++ done < /etc/selinux/fixfiles_exclude_dirs
++ fi
++ echo "$exclude_from_relabelling"
++}
+exclude_dirs() {
+ exclude=
+ for i in /var/lib/BackupPC /home /tmp /dev; do
+ [ -e $i ] && exclude="$exclude -e $i";
+ done
++ exclude="$exclude `exclude_dirs_from_relabelling`"
+ echo "$exclude"
+}
+
@@ -3223,7 +3242,7 @@ index ae519fc..0890811 100755
# Set global Variables
#
fullFlag=0
-@@ -35,9 +54,7 @@ SYSLOGFLAG="-l"
+@@ -35,9 +73,7 @@ SYSLOGFLAG="-l"
LOGGER=/usr/sbin/logger
SETFILES=/sbin/setfiles
RESTORECON=/sbin/restorecon
@@ -3234,7 +3253,7 @@ index ae519fc..0890811 100755
SELINUXTYPE="targeted"
if [ -e /etc/selinux/config ]; then
. /etc/selinux/config
-@@ -87,23 +104,10 @@ if [ -f ${PREFC} -a -x /usr/bin/diff ]; then
+@@ -87,23 +123,10 @@ if [ -f ${PREFC} -a -x /usr/bin/diff ]; then
esac; \
fi; \
done | \
@@ -3259,7 +3278,7 @@ index ae519fc..0890811 100755
rpmlist() {
rpm -q --qf '[%{FILESTATES} %{FILENAMES}\n]' "$1" | grep '^0 ' | cut -f2- -d ' '
-@@ -121,23 +125,16 @@ if [ ! -z "$PREFC" ]; then
+@@ -121,24 +144,34 @@ if [ ! -z "$PREFC" ]; then
fi
if [ ! -z "$RPMFILES" ]; then
for i in `echo "$RPMFILES" | sed 's/,/ /g'`; do
@@ -3282,11 +3301,30 @@ index ae519fc..0890811 100755
[ -x /usr/sbin/genhomedircon ] && /usr/sbin/genhomedircon
-LogReadOnly
-${SETFILES} -q ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 >> $LOGFILE
+-rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-*
++#
++exclude_dirs="`exclude_dirs_from_relabelling`"
++if [ -n "${exclude_dirs}" ]
++then
++ TEMPFCFILE=`mktemp ${FC}.XXXXXXXXXX`
++ test -z "$TEMPFCFILE" && exit
++ /bin/cp -p ${FC} ${TEMPFCFILE} &>/dev/null || exit
++ exclude_dirs=${exclude_dirs//-e/}
++ for p in ${exclude_dirs}
++ do
++ p="${p%/}"
++ p1="${p}(/.*)? -- <<none>>"
++ echo "${p1}" >> $TEMPFCFILE
++ logit "skipping the directory ${p} from relabelling"
++ done
++FC=$TEMPFCFILE
++fi
+${SETFILES} -q ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMS} 2>&1 | cat >> $LOGFILE
- rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-*
++rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-* $TEMPFCFILE
find /tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t tmp_t {} \;
find /var/tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t tmp_t {} \;
-@@ -146,8 +143,7 @@ exit $?
+ exit $?
+@@ -146,8 +179,7 @@ exit $?
fullrelabel() {
logit "Cleaning out /tmp"
@@ -3296,6 +3334,19 @@ index ae519fc..0890811 100755
restore
}
+diff --git a/policycoreutils/scripts/fixfiles.8 b/policycoreutils/scripts/fixfiles.8
+index dfe8aa9..0b4cbaa 100644
+--- a/policycoreutils/scripts/fixfiles.8
++++ b/policycoreutils/scripts/fixfiles.8
+@@ -29,6 +29,8 @@ new policy, or just check whether the file contexts are all
+ as you expect. By default it will relabel all mounted ext2, ext3, xfs and
+ jfs file systems as long as they do not have a security context mount
+ option. You can use the -R flag to use rpmpackages as an alternative.
++The file /etc/selinux/fixfiles_exclude_dirs can contain a list of directories
++excluded from relabelling.
+ .P
+ .B fixfiles onboot
+ will setup the machine to relabel on the next reboot.
diff --git a/policycoreutils/scripts/genhomedircon.8 b/policycoreutils/scripts/genhomedircon.8
new file mode 100644
index 0000000..6331660
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 4ae781d..aee241e 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -1,13 +1,13 @@
%define libauditver 1.4.2-1
-%define libsepolver 2.0.42-3
+%define libsepolver 2.0.43-2
%define libsemanagever 2.0.43-4
%define libselinuxver 2.0.90-3
%define sepolgenver 1.0.23
Summary: SELinux policy core utilities
Name: policycoreutils
-Version: 2.0.85
-Release: 28%{?dist}
+Version: 2.0.86
+Release: 1%{?dist}
License: GPLv2
Group: System Environment/Base
# Based on git repository with tag 20101221
@@ -163,7 +163,7 @@ Requires(post): /sbin/chkconfig
BuildRequires: libcap-ng-devel
%description sandbox
-The policycoreutils-python package contains the scripts to create graphical sandboxes
+The policycoreutils-sandbox package contains the scripts to create graphical sandboxes
%files sandbox
%defattr(-,root,root,-)
@@ -331,6 +331,16 @@ fi
exit 0
%changelog
+* Tue Apr 29 2011 Dan Walsh <dwalsh at redhat.com> 2.0.86-1
+- Update to upstream
+ * Use correct color range in mcstrand by Richard Haines.
+
+* Mon Apr 11 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-30
+- Add Elia Pinto patches to allow user to specify directories to ignore
+
+* Tue Apr 5 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-29
+- Fix policycoreutils-sandbox description
+
* Tue Mar 29 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-28
- rsynccmd should run outside of execcon
diff --git a/sources b/sources
index 000467f..c65b198 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
49faa2e5f343317bcfcf34d7286f6037 sepolgen-1.0.23.tgz
59d33101d57378ce69889cc078addf90 policycoreutils_man_ru2.tar.bz2
-92fa615448d443b22c4ad6ecf89fc974 policycoreutils-2.0.85.tgz
+13d864a8a6f8a933ef7aee7baf4a9662 policycoreutils-2.0.86.tgz
More information about the scm-commits
mailing list